Hi Carl, This heavily depends on your OTP backend. The problem arises when the OTP is not passed to the radius server, which is the case with all challenge response protocols. Then the backend can not easily predict, which OTP value the user has entered--- due to time drifts (time based) or blank presses (event based). I.e. such backend should check with a bunch of acceptable OTP values. And this means you need a freeradius module that is capable of communicating with the OTP backend in the right way. Kind regards Cornelius
Am 09.07.2012 um 07:07 schrieb Carl Pierre <carl.e.pie...@gmail.com>: > Hello: > > I have recently been made a part of a project in which we intend to use > freeradius. > So far, FR seems to be the ideal tool except for one small issue: 2-Factor > Authentication. > > Try as I might, I cannot seem to find any way to set up a multi-factor > solution using PEAP. > So I suppose my question is this: has anyone had any luck using EAP and > challenging the > user to enter some sort of OTP? I know that EAP-GTC is meant to do this, but > the meager > documentation I have on it does not give too much detail. > > Regards > - > List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
